package com.example.ss_shiro.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.example.ss_shiro.realm.AccountRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.Hashtable;
import java.util.Map;

    @Configuration
/**
 * 自定义好的Realm 挂到过滤器上
 */
public class ShiroConfig {
    /**
     * 顺序3
     * @param securityManager
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager ){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        //权限设置
        Map<String,String> map= new Hashtable<>();
        map.put("/main","authc");
        map.put("/manage","perms[manage]");
        map.put("/administator","roles[administrator]");
        factoryBean.setFilterChainDefinitionMap(map);
        //设置登录页面
        factoryBean.setLoginUrl("/login");
        //设置未授权跳转页面，增加用户友好型 401 用户不懂什么意思
        factoryBean.setUnauthorizedUrl("/unauth");
        return factoryBean;
    }

    /**
     *顺序2
     * @param accountRealm
     * @return
     */
    @Bean
    public DefaultWebSecurityManager securityManager(@Qualifier("accountRealm") AccountRealm accountRealm){

        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(accountRealm);
        return  manager;
    }

    /**
     * 顺序1
     * @return
     */
    @Bean
    public AccountRealm accountRealm(){
        return  new AccountRealm();
    }

    /**
     * shiro 整合thyemeleaf
     *
     * @return
     */
    @Bean
    public ShiroDialect shiroDialect(){
        return new ShiroDialect();
    }
}
